Politifact Fact Checking Website Hacked To Mine Monero Cryptocurrency
Security researcher Troy Mursch noticed something was awry on Friday when he visited Politifact's website. While perusing the site, his CPU usage spiked to 100 percent. Upon further investigation, he discovered multiple instances of Coin Hive, a piece of code that some websites use to mine a form of cryptocurrency called Monero, using resources from visitors' PCs.
In many cases, Coin Hive is used in place of ads, though in this case someone hacked Politico to run multiple instances of Coin Hive at the same time. Those multiple instances are what caused Murch's PC to ramp up to 100 percent CPU usage, along with others who visited the website, including security expert Brian Krebs.
Politifact[dot]com is not fun to visit right now. Spawned 2 dozen instances of Coinhive monero harvesting scripts. CPU to 100% instantly pic.twitter.com/LVJhPtW2MK— briankrebs (@briankrebs) October 13, 2017
Coin Hive is becoming an increasingly popular option on major websites. The infamous torrent site The Pirate Bay (TPB) recently experimented with Coin Hive (and caught some heat for not being upfront about it), and it was recently discovered that Showtime, a premium cable channel, was also running the script as the result of a hack.